Cybersecurity 101: What It Is and Why It’s Important

For many organizations, cybersecurity can be one of those important topics that unfortunately gets lost among other company priorities. As the explosion of apps, IoT and mobile users brings about countless possibilities for a cyber-attack, today’s savvy organizations understand that a breach is more of a ‘when’ than an ‘if’.

So we’re here to unravel your critical cybersecurity questions.

What is Cybersecurity?

Look online and you’ll find many different ways to describe cybersecurity. It’s relatively all-encompassing, but the main objective is the protection of data. At the heart of the matter are people, process and technology.

The most important thing to know is what security professionals learn on the road to professional certification: cybersecurity is all about protecting the confidentiality, integrity, and availability of information. These three core elements represent the C-I-A triad (not to be confused with the other CIA).

Cybersecurity ensures that data is seen only by those it’s meant for (confidentiality), that it is not modified or deleted by an unauthorized third party (integrity), and that it is accessible to anyone who needs it (availability).

As most of our data is connected to the Internet in some way, the definition of cybersecurity has evolved from the information security designation to include defending data and other devices against hackers, or what professionals call bad actors (not to be confused with an unconvincing thespian).

Why Is Cybersecurity Important?

With more data and devices connected to the Internet than ever before, the importance of cybersecurity for any business is escalating. Whether we like it or not, security needs to be top of mind for everyone in your company from the top down. All employees, especially at the executive level, must be aware of what threats exist and how to properly mitigate risk.

Cybersecurity is all about managing risks such as regulatory risks, reputation risks, and financial risks. By managing risks properly, we can build and maintain trust with stakeholders — such as authorities, customers, shareholders, and management — by ensuring that data is protected.

Perhaps the most powerful reason why cybersecurity is important boils down to the human element. After learning about the CIA triad, security professionals quickly learn that humans are the weakest link in the cybersecurity chain.

Especially in today’s constantly connected world, we are making split-second decisions on our devices — both at home and at work — all the time. Hackers and bad actors know this and rely on us to make decisions to either click on something we shouldn’t or divulge privileged information.

We have so much to do in our workday, and we multi-task across countless apps, websites, services, and devices. Unfortunately, cybersecurity is the last thing on our minds as we make our day-to-day and minute-to-minute decisions. When security mechanisms get in the way, too many of us neglect them.

Far too many companies have suffered serious damage due to a data breach; the most recent example being the Marriott attack, in which data belonging to 500 million customers was stolen.

There has never been a greater need for a security-first mindset across your business or enterprise. Our data, our information and our assets are vulnerable and need to be protected with robust security controls, standards, and strategies. However you go about it, promoting security awareness in your organization is essential.

Types of Cybersecurity

As we touched on earlier, cybersecurity is wide-ranging in scope. To help break things down, there are four essential elements of cybersecurity you need to be aware of.

Application Security

This is probably the most specific type of cybersecurity and primarily covers software. Application security is the control activity used to ensure software applications are protected at all stages of their lifecycle – design, development, deployment, maintenance, upgrade, and retirement.

An example of this would be when you add functionality to your software that would prevent threats, attacks, and breaches.

Mobile application security is also included in this definition.

Network Security

Branching out a little further, we have network security, which covers access and rights to your network and its resources. Network security is there to protect any internal network infrastructure.

Logins, passwords, access rights, VPNs, and firewalls are all examples of what is used to protect the network.

Endpoint Security

Perhaps one of the most crucial defense mechanisms for network security is endpoint security, a strategy to protect the connection between remote devices like laptops, tablets, smartphones and wireless devices and your corporate network. Endpoint security is there to ensure these devices meet your company’s security standards.

Cloud Security

Once we’ve expanded into the cloud, we’re now covering security that protects data and resources that reside on the Internet (hopefully protected in some way). Cloud providers are continually creating and implementing new security tools to help enterprise users better secure their data.

However, it must be noted that Cloud security represents a shared responsibility between your company and the Cloud provider. In other words, the relationship needs to be managed.

IoT (Internet of Things) Security

Finally, there’s IoT security, possibly the most vulnerable element of cybersecurity. Internet-connected cameras, home appliances, voice assistants and more — by design they are not only connected to our private networks but also connected to the Internet.

What makes these devices so vulnerable is that most users don’t change the default passwords, turning them into easy targets for hackers.

Cybersecurity Threats

In today’s business landscape, the threats to our assets and data are skyrocketing. Almost everything that touches your business could be a potential cybersecurity headache, but there are several prominent threats you should know about.

DoS (Denial of Service) Attack

A DoS attack occurs when an attacker actively prevents your users or customers from accessing one or more of your resources. Usually, this attack is achieved by sending an overwhelming amount of data for your resource to process, bringing the service down.

Malware/Viruses/Ransomware

These attacks contain malicious code that can wreak havoc on your systems. They are typically brought about by a user clicking on a link without realizing it is harmful, but the code can also be embedded within software and file downloads.

Both viruses and ransomware are types of malware.

Ransomware is malware that, once invoked, forces the victim to pay a ransom to the hacker to stop the malware from doing damage (usually locking and encrypting data to render it inaccessible).

Phishing

Phishing is perhaps the easiest way for an attacker to obtain sensitive information like usernames, passwords or juicy financial details. In a typical phishing attack, an email is sent to trick the target into thinking it is coming from a legitimate business or person. The emails usually contain a link that, if clicked on, takes the user to a fraudulent website made to look like a valid login or support page in order to capture their confidential information.

Social engineering

Phishing is a form of social engineering, in which tactics are used to trick people into divulging sensitive information. While phishing relies on technology, social engineering does not require any technical know-how. With the right data, an attacker can call someone at your company, say the right things to establish trust, and get them to reveal data that should be kept confidential.

Physical security breach

A physical security breach is when a laptop, mobile device, USB stick or other resource is lost or stolen. Another example of a physical security breach would be an unauthorized individual entering your place of business with the intent of stealing data, assets, or resources.

Data breach

A data breach occurs when there is a leak, compromise or theft of a company’s data or information relating to its business or its customers.

You may also want to outsource cybersecurity functions to a managed security service provider.

Regardless of who is responsible for threat management in your organization, there are a few basic strategies you simply cannot ignore:

Software, anti-virus, firewalls, and systems are patched and up to date

An incident response plan is clearly defined and in place

Users and management are well-educated about cybersecurity and how to recognize attacks like phishing

Still not sure how to start? We’ve teamed up with SANS Institute to bring you “Cyber Threat Checklist: Are you Prepared?”, a special webinar to help you plan your strategy and assemble the key components you need to include.

About The Author

Mark McGlenn is Senior Manager of Risk and Compliance Services for Absolute. Mark has over 15 years of experience in Internal Audit, Compliance testing, Risk Management, IT Security, Accounting, and Fraud Prevention. He has developed and managed risk-based corporate internal audit programs with a focus on compliance testing (SOX, PCI, AML) and process and internal control improvements. Leveraging best practices such as CIS Critical Controls, NIST CSF, NIST 800-53, Mark has designed cyber-security assessment procedures and performed engagements in both the public and private sectors. His unique experiences assist Absolute customers in addressing compliance concerns and securing the endpoint.